Hi All, I am using rsync to backup our office server to our Internet server (RHE). As an association for doctors we are looking at providing a backup service for their practices using rsync. As it would be patient data it would need to be encrypted. I have found a few options, namely esync wurt rsyncrypto Does anyone have experience with the above and perhaps like to recommend one? On the client side we are on Windows boxes using cygwin. Thanks Gary +-------------------------------------------+ Gary Holzer cmebookings.com service manager Adelaide Central & Eastern Division of General Practice ~ ACEDGP email : gary.holzer@acedivision.com.au mobile : 0417 094 921 direct : (08) 8273 5903 switch : (08) 8271 5455 fax : (08) 8271 1055 w: www.acedivision.com.au & www.cmebookings.com postal: PO Box 17 ~ Fullarton ~ SA 5063 location: Glenside Campus ~ 226 Fullarton Rd ~ Glenside ~ SA 5065 ACEDGP - "Providing Health Care Intelligence"
> Hi All, > > I am using rsync to backup our office server to our Internet server (RHE). > As an association for doctors we are looking at providing a backup > service > for their practices using rsync. As it would be patient data it would need > to be encrypted. I have found a few options, namelyDo you need to encrypt data in transit or at the backup site?> esync > wurt > rsyncrypto > > Does anyone have experience with the above and perhaps like to recommend > one? On the client side we are on Windows boxes using cygwin. > > Thanks > > Gary > > > > > > > +-------------------------------------------+ > Gary Holzer > cmebookings.com service manager > > Adelaide Central & Eastern Division of General Practice ~ ACEDGP > email : gary.holzer@acedivision.com.au > mobile : 0417 094 921 > direct : (08) 8273 5903 > switch : (08) 8271 5455 > fax : (08) 8271 1055 > > w: www.acedivision.com.au & www.cmebookings.com > postal: PO Box 17 ~ Fullarton ~ SA 5063 > location: Glenside Campus ~ 226 Fullarton Rd ~ Glenside ~ SA 5065 > > ACEDGP - "Providing Health Care Intelligence" > > > -- > To unsubscribe or change options: > https://lists.samba.org/mailman/listinfo/rsync > Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html >
I am using a SSH tunnel for transit, so just the backup site GH +-------------------------------------------+ Gary Holzer cmebookings.com service manager Adelaide Central & Eastern Division of General Practice ~ ACEDGP email : gary.holzer@acedivision.com.au mobile : 0417 094 921 direct : (08) 8273 5903 switch : (08) 8271 5455 fax : (08) 8271 1055 w: www.acedivision.com.au & www.cmebookings.com postal: PO Box 17 ~ Fullarton ~ SA 5063 location: Glenside Campus ~ 226 Fullarton Rd ~ Glenside ~ SA 5065 ACEDGP - "Providing Health Care Intelligence"> -----Original Message----- > From: tmc@dreamcraft.com.au [mailto:tmc@dreamcraft.com.au] > Sent: Friday, 13 May 2005 2:43 PM > To: gary.holzer@acedivision.com.au > Cc: rsync@lists.samba.org > Subject: Re: Encryption > > > > Hi All, > > > > I am using rsync to backup our office server to our Internet > server (RHE). > > As an association for doctors we are looking at providing a backup > > service > > for their practices using rsync. As it would be patient data it > would need > > to be encrypted. I have found a few options, namely > > Do you need to encrypt data in transit or at the backup site? > > > esync > > wurt > > rsyncrypto > > > > Does anyone have experience with the above and perhaps like to recommend > > one? On the client side we are on Windows boxes using cygwin. > > > > Thanks > > > > Gary > > > > > > > > > > > > > > +-------------------------------------------+ > > Gary Holzer > > cmebookings.com service manager > > > > Adelaide Central & Eastern Division of General Practice ~ ACEDGP > > email : gary.holzer@acedivision.com.au > > mobile : 0417 094 921 > > direct : (08) 8273 5903 > > switch : (08) 8271 5455 > > fax : (08) 8271 1055 > > > > w: www.acedivision.com.au & www.cmebookings.com > > postal: PO Box 17 ~ Fullarton ~ SA 5063 > > location: Glenside Campus ~ 226 Fullarton Rd ~ Glenside ~ SA 5065 > > > > ACEDGP - "Providing Health Care Intelligence" > > > > > > -- > > To unsubscribe or change options: > > https://lists.samba.org/mailman/listinfo/rsync > > Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html > > >
Gary Holzer wrote:>Hi All, > >I am using rsync to backup our office server to our Internet server (RHE). >As an association for doctors we are looking at providing a backup service >for their practices using rsync. As it would be patient data it would need >to be encrypted. I have found a few options, namely > >esync >wurt >rsyncrypto > >Does anyone have experience with the above and perhaps like to recommend >one? On the client side we are on Windows boxes using cygwin. > >Thanks > >I am (as you know) the maintainer for rsyncrypto. I looked a little into esync (a while back, I'm not sure I fully remember the differences, though). I have no idea what wurt is, so a link would be greatly appreciated. The main difference between rsyncrypto and esync is in the amount of state information stored between operations. With rsyncrypto, this is a mere 52 bytes, containing the initial value for the CBC, the symmetric encryption key for the file, as well as three parameters used to determine CBC resets. This information is enough to make a repeated encryption of the same file (modified or not) identical enough to the original that rsync will manage to pick up just the differences. This 52 byte file is fully recoverable from the encrypted file, if you have the assymetric private key. Esync, assuming I understood it correctly, actually requires keeping around enough information about the properties of the reset points (it uses a completely different algorithm). On first reading the esync algorithm sounded like one having a cryptographic weakness, but: 1. It was a long time ago, and I don't remember the details. 2. On second reading I remember thinking that the hole was plugged after all, at the expense of performance. 3. I cannot be said to be impartial, being as I maintain a "competing" technology. Also with esync: - You need a custom version of rsync on both ends. - May be relevant for you - there is no Debian package :-) Bear in mind that any manipulation to an encryption system to make it rsync friendly means that we are weakening it. This is obviously true for rsyncrypto too. Myself, I'm fairly confident that the weakening is nothing to be worried about, but do bear that in mind. This is stepping off the trodden path, a cryptographic risk, in exchange for better network performance. As for experience, rsyncrypto is part of a commercial backup service my company is running, so you can say I have some experience with it, yes :-). Shachar -- Shachar Shemesh Lingnu Open Source Consulting ltd. Have you backed up today's work? http://www.lingnu.com/backup.html
sreedhar_ab@rediffmail.com
2006-Oct-13 17:08 UTC
How to use "Rsyncrypto" along with Rsync to backup files/folders?
Hi Shachar Shemesh, Please I need your help! I am using Rsync to backup my files/folders. I am running Rsync on a Windows OS with Cygwin. Now, I want to Encrypt the files during backup. I can understand that "Rsyncrypto" can solve my purpose. But the big question is I am not understanding how to use "Rsyncrypto" along with Rsync on Window. I hope you will resolve my following queries: 1. How to setup "Rsyncrypto" to encrypt/decrypt the files under windows. 2. How much time "Rsyncrypto" will consume to Encrypt/Decrypt for a file of size 4GB 3. If I encrypt a file using "Rsyncrypto", during file backup using Rsync, whether Rsync can perform the incremental backup of the same file during next transfer. 4. Is there any difference in transfer performance with regular file (file without encryption) and encrypted file (file encrypted using "Rsyncrypto") transfer using Rsync. I will be really grateful to you in case if you clear my all the above doubts. Thank you in advance! Thanks & Regards Sreedhar -- This message was sent on behalf of sreedhar_ab@rediffmail.com at openSubscriber.com http://www.opensubscriber.com/message/rsync@lists.samba.org/1311584.html